Should I define a different limit_req_zone for every virtual host?
February 14, 2015 09:48AM
I have a server with multiple virtual hosts, that is, multiple websites running. I want to set request limits, using "limit_req_zone" and "limit_req".
I've already got it to work, I've read all the documentation and I think I can say that I understand pretty much the basics. However I need to clarify a couple of doubts.

In every example I found on the web, the requests limits are applied in the following way:

http {
[...]
limit_req_zone $binary_remote_addr zone=myzone:10m rate=5r/s;
server {
listen 80;
server_name mysite.com;
limit_req zone=myzone burst=5 nodelay;
}
}


In my case, as I mentioned, I have multiple websites, so my first attempt was to do this:

http {
[...]
limit_req_zone $binary_remote_addr zone=myzone:10m rate=5r/s;
server {
listen 80;
server_name mysite1.com;
limit_req zone=myzone burst=5 nodelay;
}
server {
listen 80;
server_name mysite2.com;
limit_req zone=myzone burst=5 nodelay;
}
}

As you can see, there are two virtual hosts that uses the same shared memory zone called "myzone".
However, in this scenario, I noticed that the rate limit is applied across every virtual host. In other words: if a visitor is browsing mysite1.com and mysite2.com, his requests are sumed and the total is compared to de 5r/s limit.

I don't like that, because I'm running multiple websites, and it's highly possible that one visitor is browsing several of those sites at the same time.
So, I want to apply a 5r/s limit for every client in every virtual host. Does it mean that I have to declare ashared memory zone for **every virtual host**? Is that ok? Is it a common practice? I couldn't find an example on the web about this.

This is how I would do it, and I would like some comments about if it's ok:

http {
[...]
server {
listen 80;
server_name mysite1.com;
limit_req_zone $binary_remote_addr zone=zonemysite1:10m rate=5r/s;
limit_req myzone=zonemysite1 burst=5 nodelay;
}
server {
listen 80;
server_name mysite2.com;
limit_req_zone $binary_remote_addr zone=zonemysite2:10m rate=5r/s;
limit_req myzone=zonemysite2 burst=5 nodelay;
}
}


Is that ok? If that's ok, would I have to do the same with limit_conn_zone? Thanks in advance
Re: Should I define a different limit_req_zone for every virtual host?
February 14, 2015 10:21AM
Define your zones in one place and use them where you need them, and yes you need multiple zones if you don't want mixed results. A zone is one cache after all, so each entry is only unique to it's zone.

---
nginx for Windows http://nginx-win.ecsds.eu/
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 330
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready